861adc4cdc7f8e8c606094958be06d76

Sharing

Copy URL Twitter E-mail

General

Target

861adc4cdc7f8e8c606094958be06d76
Size

77KB
MD5

861adc4cdc7f8e8c606094958be06d76
SHA1

cca4a4245ded3d41d5ec81f2edb1580f12e0c276
SHA256

cb8fbfcbacd94c479765b938fa94f69bd3d915b0dbecf877f7dc20b672159402
SHA512

acc578c5dfe03ce3b1518d432b9f2959806cd26cb87775da41100a3720171167ea9a733dc57060e6a7b725eb78d89aa2f0e7d02da30bba1d2bae9db6b0cde4d5
SSDEEP

1536:RaB/gErk/S0t/dqFNLc9TBGLAWAj3MQ7aRdkFEiWHnlmMQ9gQz6yhSwrDgPKwGj9:YB/gErk/RJdqFNaTBxEWnWHSgQzNsb/P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
861adc4cdc7f8e8c606094958be06d76

Files

861adc4cdc7f8e8c606094958be06d76
.dll windows:4 windows x86 arch:x86

c4561c7204d74c5576cb76179b5e20fc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GetSystemDefaultLangID
ExpandEnvironmentStringsW
CloseHandle
GetCurrentThreadId
lstrlenW
lstrcmpW
GetModuleFileNameW
VirtualProtect
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleHandleW
GetProcAddress
GetVersion
Sleep
GetBinaryTypeW
GlobalHandle
GlobalUnlock
GlobalFree
LockResource
LoadResource
FindResourceExW
LoadLibraryW
FreeLibrary
GetLastError
LocalFree
InterlockedExchange
InterlockedCompareExchange
GetStartupInfoW
RtlUnwind
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetTickCount
MultiByteToWideChar

user32

DrawTextW
EndPaint
GetScrollInfo
SetScrollInfo
EnableScrollBar
UpdateWindow
GetCursorPos
GetClientRect
GetClassInfoExW
LoadCursorW
GetMessagePos
InvalidateRect
FillRect
BeginPaint
GetParent
SetCapture
ReleaseCapture
DrawEdge
PtInRect
GetDlgCtrlID
FrameRect
GetSysColorBrush
DrawStateW
DrawIconEx
DestroyMenu
TrackPopupMenuEx
InsertMenuItemW
CreatePopupMenu
LoadBitmapW
GetSysColor
GetDlgItem
GetWindowRect
CreateWindowExW
GetDC
GetWindowLongW
SetWindowPos
ReleaseDC
IsWindow
RegisterClassExW
DefWindowProcW
GetKeyState
SendMessageW
ClientToScreen
ScreenToClient

advapi32

RegQueryValueExW
RegOpenKeyExW
ConvertStringSidToSidW
EqualSid
OpenProcessToken
GetTokenInformation
IsValidSid
GetSidSubAuthorityCount
GetSidSubAuthority
RegCloseKey

gdi32

GetDeviceCaps
GetTextExtentPoint32W
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
SetBkMode
GetTextExtentPointA
BitBlt
GetObjectW
DeleteObject
SetTextColor
SetBkColor
GetStockObject
SelectObject
GetTextMetricsW
EnumFontFamiliesExW
CreateFontIndirectW
DeleteDC

ole32

CoCreateInstance
CoUninitialize

msvcrt

memset
_CxxThrowException
_callnewh
_onexit
_vsnwprintf
_cexit
memcpy
_amsg_exit
_wcmdln
exit
_initterm
free
_adjust_fdiv
malloc
memmove
_except_handler3
time
localtime
difftime
clock
ctime
asctime
__dllonexit

msvcp60

??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4561c7204d74c5576cb76179b5e20fc

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

msvcrt

msvcp60

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 34KB - Virtual size: 67KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 34KB - Virtual size: 67KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB